Lenovo ThinkSystem NE1032 Quick start guide

Brand: Lenovo

Model: ThinkSystem NE1032

Type: Quick start guide

Lenovo ThinkSystem NE1032 is a high-performance, Layer 3 switch designed for data center and enterprise campus deployments. With its compact 1U form factor, it provides 32 non-blocking 10GbE SFP+ ports and 4 fixed 40GbE QSFP+ ports, delivering high-density and flexibility for your network infrastructure.

The NE1032 supports advanced Layer 2 and Layer 3 switching features, including Layer 3 static and dynamic routing protocols (RIP, OSPF, and BGP), multicast routing, and policy-based routing. It also offers comprehensive security features such as access control lists (ACLs), quality of service (QoS), and Layer 2-4 firewall capabilities.



Lenovo NE1032 Switch

Quickstart Guide



Document Version 1.0: 10/2018



Scale Computing 2018 1



Table of Contents



Introduction 3

Requirements 3

Connect to the Switch 4

Over the Network 4

Console 4

CLI Mode Basics 5

Set the Management IP 6

Management Configuration Example 6

Management VLAN Configuration Example 6

Update the Firmware 7

General Configuration 9

Set the Enable Mode Password 9

Generate New SSH keys 9

Set AAA Maximum Attempts 9

Create Additional Users 9

Set NTP 9

Set DNS 10

Create VLANs 10

Verify Spanning Tree 10

Logging 11

Port Configuration 12

Switchport Access Mode 12

Switchport Hybrid Mode 12

Switchport Trunk Mode 12

Link Layer Discovery Protocol 13

Feedback & Support 14

Document Feedback 14

Technical Support and Resources 14

Disclaimer 14



 



Scale Computing 2018 2



Introduction

This guide provides general configuration examples. The configurations found here may not be applicable for all

environments. Consult Lenovo’s official documentation for further information in regards to your environment's

unique configuration.



Requirements

● This guide was written for CNOS version 10.8.1.0. If you are on a lesser version, update to match 10.8.1.0

due to command syntax changes.

● A Terminal Emulation program, such as PuTTY.

● (Optional) Mini-USB B male to USB A male cable.



 



Scale Computing 2018 3



Connect to the Switch

Over the Network

By default, the management interface is set to request a DHCP address. If DHCP is available, check your leases on

your DHCP server to determine the IP address of the switch. Using an SSH client, you may log in to the switch over

the network. The default username is admin, and the default password is admin.



Console

Using a terminal emulator, such as PuTTY, connect the provided USB adapter to the port shown below.





Set your console settings as follows:

Default baud rate = 9,600 bps

Character size = 8 characters

Parity = none

Stop bits = 1

Data bits = 8

Flow control = none



The default username is admin and the default password is admin.



 



Scale Computing 2018 4



CLI Mode Basics

Configuration for the NE1032 is performed through a CLI interface. As a reference:

> = unprivileged mode

# = privileged mode

(config)# = global configuration mode

(config-if)# = interface configuration mode

(config-vrf)# = virtual routing and forwarding configuration mode



Upon login you will be in the unprivileged mode. To enter privileged mode:

> enable

#



NOTE



You can use ? to display what commands are available in the current mode.



In order to configure the switch we need to enter global configuration mode. This mode is used for settings that

aren’t specific to the switch ports.

# conf t

(config)#



Configuration of switch ports is performed in interface configuration mode. To return to the previous configuration

level:

(config-if)# exit

(config)#



 



Scale Computing 2018 5



Set the Management IP

The management network should be separated from any data networks and have physically independent hardware

supporting it. The goal of the management network is to maintain remote access to network equipment should a

configuration change interrupt the data networks. Optionally, you may use a VLAN interface instead.



Management Configuration Example

> en

# conf t

(config)# int mgmt0

(config)# ip addr 10.205.13.252 255.255.255.0

(config)# vrf context management

(config-vrf)# ip route 0.0.0.0/0 10.205.13.1



Management VLAN Configuration Example

> en

# conf t

(config)# interface vlan 1

(config-if)# ip address 10.205.13.252 255.255.255.0

(config-if)# exit

(config)# ip route 0.0.0.0/0 10.205.13.1



 



Scale Computing 2018 6



Update the Firmware

Download the Latest Firmware

Download the zip file here.



Unzip the archive. Rename the extracted folder to ne1032 and place it in your local user home directory. Make sure

your firewall will allow port 22, or turn it off temporarily. If you are using a linux machine, ensure sshd is running.

# copy sftp sftp://10.205.105.202//home/cdraper/ne1032/NE1032-CNOS-10.8.1.0.imgs system-

image all vrf management



Output should appear as follows:

Confirm download operation? (y/n) [n] y

Download in progress

Enter Username:user

[email protected]'s password:

sftp> progress

Progress meter enabled

sftp> get /home/user/ne1032/NE1032-CNOS-10.8.1.0.imgs /tmp/ORCA/image.30383

/home/user/ne1032/NE1032-CNOS-10.8.1.0.imgs 6% 12MB 2.0MB/s 01:22

ETAN/home/user/ne1032/NE1032-CNOS-10.8.1.0.imgs 8% 15MB 1.9MB/s 01:24

ETAN/home/user/ne1032/NE1032-CNOS-10.8.1.0.imgs 100% 175MB 1.6MB/s 01:47

Copy Success

Install image...This takes about 90 seconds. Please wait

Check image signature succeeded

Extracting image: 100%

Installing system image to slot 1:

Installing image: 100%

Extracting image: 100%

Installing uboot:

Updating flash: 100%

Extracting image: 100%

Installing NOS Kernel:

Updating flash: 100%

Extracting image: 100%

Installing NOS DFT:

Updating flash: 100%

Extracting image: 100%

Installing NOS RFS:

Updating flash: 100%



Scale Computing 2018 7



Boot image installation succeeded.

OS image installation succeeded.

Boot loader now contains Software Version 10.8.1.0

Standby image now contains Software Version 10.8.1.0

Switch is currently set to boot active image.

Do you want to change that to the standby image? (y/n) [n] y



Reboot the switch to load the new firmware:

# reload



 



Scale Computing 2018 8



General Configuration

Set the Enable Mode Password

(config)# enable password SOMEPASS



Generate New SSH keys

# conf t

(config)# no feature ssh

(config)# ssh key rsa length 4096 force

(config)# ssh login-attempts 3

(config)# feature ssh



Set AAA Maximum Attempts

Authentication, authorization, and accounting features determine what resources users have access to, and where to

check for that user’s credentials. Here, we are setting failed login attempts to be logged and the maximum number of

(config)# aaa authentication login error-enable

(config)# aaa local authentication attempts max-fail 25



Create Additional Users

The network-admin account type has full administrative rights to the switch. The network-operator is a limited

account type.

(config)# username <ADMIN> role network-admin password <PASSWORD>

(config)# username <USER> role network-operator password <PASSWORD>



Set NTP

Any internal or external NTP server that is accessible on your network should work.

(config)# feature ntp

(config)# ntp server 10.205.13.2



Scale Computing 2018 9



Set DNS

Any internal DNS server that is accessible on your network should work.

(config)# ip name-server 10.205.13.3 vrf default



Create VLANs

You may create VLANs individually as follows:

(config)# vlan 2

(config-vlan)# name SCALEBACKPLANE



Or, you may create multiple VLANs at once using a range:

(config)# vlan 1-10



Verify Spanning Tree

(config)# sh spanning-tree



Ensure that the spanning tree protocol supports rapid convergence. By default the NE1032 uses rapid-pvst.

VLAN0001

spanning-tree enabled protocol rapid-pvst

ROOT ID priority 32769

address a48c.db96.7f00

This bridge is the root

Hello Time 2 Max age 20 Forward Delay 15

BRIDGE ID priority 32769 (32768 sys-id-ext 1)

address a48c.db96.7f00

Hello Time 2 Max age 20 Forward Delay 15

Interface Role Sts cost Prio.Nbr Type

---------------- ---- --- --------- ------------- ----------------------

Ethernet1/1 Desg FWD 2 128.410001 point-to-point

Ethernet1/2 Desg FWD 2 128.410002 point-to-point

Ethernet1/3 Desg FWD 2 128.410003 point-to-point

Ethernet1/4 Desg FWD 2 128.410004 point-to-point







Scale Computing 2018 10



Logging

Troubleshooting relies heavily on inspecting the switch logs. In this example, we are setting logging to debug level

and storing them locally, allocating the maximum size possible for local storage of the logs.

(config)# logging logfile switch_log 6 size 10485760

(config)# show logging logfile



If there is a remote syslog server available:

(config)# no logging logfile

(config)# logging server 10.205.13.36 6 vrf data

(config)# logging server 10.205.13.36 protocol tcp port 5002



 



Scale Computing 2018 11



Port Configuration

By default, all ports are in access mode for VLAN 1. If you are not utilizing VLANs in your environment, you will not

need to configure the VLAN settings for the switch ports further. We recommend isolating backplane ports for Scale

Computing equipment to a VLAN other than 1 using access mode.



Switchport Access Mode

Access mode allows only one VLAN to be configured for a switch port. Use this mode when connecting an end

device that is unaware of VLANs, such as the Scale Computing node backplane ports.

(config)# interface ethernet 1/1

(config-if)# switchport mode access

(config-if)# switchport access vlan 10



Switchport Hybrid Mode

Hybrid mode is used when an interface needs to carry multiple VLANs, such as the Scale Computing LAN ports. If

your VMs need access to specific VLANs other than what the Scale Computing node itself resides upon, you will

need to tag those VLANs. In this example, the Scale Computing appliance is being managed on VLAN 5. The

management interface is unaware of VLANs and thus needs to be untagged traffic. Note that VLAN 5 is omitted from

the list of egress-tagged VLANs.

(config)# interface ethernet 1/1

(config-if)# switchport mode hybrid

(config-if)# switchport hybrid native vlan 5

(config-if)# switchport hybrid allowed vlan 1-10

(config-if)# switchport hybrid egress-tagged vlan 1,2,3,4,6,7,8,9,10

(config-if)# show interface eth1/1 switchport

(config-if)# show running-config interface ethernet1/1



Switchport Trunk Mode

Trunk mode is also used when an interface needs to carry multiple VLANs. Trunk mode configuration is less explicit

than Hybrid mode. In the following configuration example, the Scale Computing appliance is being managed on

VLAN 5.

(config)# interface ethernet 1/1

(config-if)# switchport mode trunk

(config-if)# switchport trunk allowed vlan all

(config-if)# switchport trunk native vlan 5

(config-if)# show interface eth1/1 switchport

(config-if)# show running-config interface ethernet1/1



Scale Computing 2018 12



Link Layer Discovery Protocol

LLDP is very useful for troubleshooting and network mapping.

(config)# interface ethernet 1/1

(config-if)# lldp transmit

(config-if)# lldp receive

(config-if)# lldp trap-notification

(config-if)# end



To view information about neighboring network devices:

# show lldp neighbors [detail]

# show lldp interface all



 



Scale Computing 2018 13



Feedback & Support

Document Feedback

Scale Computing welcomes your suggestions for improving our documentation. Please send your feedback to

[email protected].



Technical Support and Resources

There are many technical support resources available for use. Access this document, and many others, at

http://www.scalecomputing.com/support/login/.



Disclaimer

Switches are not covered under the support and warranty for the Scale Computing HC3 system. Scale Computing is

not responsible for any issues arising from the use of this guide. Any and all questions, issues, or concerns

regarding switch configuration should be addressed with the switch manufacturer directly.



Scale Computing 2018 14

Lenovo ThinkSystem NE1032 Quick start guide

Lenovo ThinkSystem NE1032 Quick start guide

Lenovo ThinkSystem NE1032 Quick start guide

Related papers

Other documents